“Vishing” occurs when criminals cold-call victims and attempt to persuade them to divulge personal information over the phone. These scammers are generally after credit card numbers and personal identifying information, which can then be used to commit financial theft. Vishing can occur both on your landline phone or via your mobile phone.
The term is a combination of “voice,” and “phishing,” which is, of course, the use of spoofed emails to trick targets into clicking malicious links. Rather than email, vishing generally relies on automated phone calls that instruct targets to provide account numbers. Techniques scammers use to get your phone numbers include:
Wardialing: This is when a visher uses an automated system to target specific area codes with a phone call involving local or regional banks or credit unions. When someone answers the phone a generic or targeted recording begins, requesting that the listener enter a bank account, credit, or debit card number and PIN.
VoIP: Voice over Internet Protocol, is an Internet-based phone system that can facilitate vishing by allowing multiple technologies to work in tandem. Vishers are known to use VoIP to make calls, as well as to exploit databases connected to VoIP systems.
Caller ID Spoofing: This is the practice of causing the telephone network to display a false number on the recipient’s caller ID. A number of companies provide tools that facilitate caller ID spoofing. VoIP has known flaws that allow for caller ID spoofing. These tools are typically used to populate the caller ID with a specific bank or credit union, or just with the words “Bank” or “Credit Union.”
Social Engineering: Social engineering is a fancier, more technical form of lying. Social engineering (or social penetration) techniques are used to bypass sophisticated security hardware and software. The automated recordings used by vishers tend to be relatively professional and convincing.
Dumpster Diving: One time and tested “hack” is simply digging through a bank’s dumpster and salvaging any lists of client phone numbers. Once a visher has the list, he can program the numbers into his system for a more targeted attack.
To protect yourself from these scams you should:
Educate yourself – Knowledge is the key to defending yourself from vishing. The more you understand it, the better off you’ll be, so read up on vishing incidents, and if your bank provides information about vishing online or in the mail, sit up and pay attention. As this crime becomes more sophisticated, you’ll want to stay up to date.
If you receive a phone call from a person or a recording requesting personal information, hang up. If the call purports to be coming from a trusted organization, call that entity directly to confirm their request.
Don’t trust caller ID, which can be tampered with and offers a false sense of security.
Call your bank and report any fraud attempts immediately. The sooner you do, the more quickly the scam will be squashed.
Document the call, noting what was said, what information was requested, and, if possible, the phone number or area code of the caller, and report this to your bank.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Top 5 Vishing Techniques
“Vishing” occurs when criminals call victims on the phone and attempt to lure them into divulging personal information that can be used to commit identity theft. The name comes from “voice,” and “phishing,” which is, of course, the use of spoofed emails designed to trick targets into clicking malicious links. Instead of email, vishing generally relies
- Watch Out For Caller ID Spoofing
Caller ID spoofing is the practice of causing the telephone network to display a number on the recipient’s caller ID display which is not that of the actual originating caller. Similar to e-mail spoofing which can make it appear that a message came from any e-mail address the sender chooses, caller ID spoofing can make
- Caller ID: Tool for Scammers
Most of us tend to trust the person on the other end of the telephone more than we trust an email in our inbox. However telephone scams continue to plague people and successfully empty the victims bank accounts. Caller ID spoofing occurs when your phone rings and your caller ID displays a name and number that
- Caller ID Spoofing Effective in Identity Theft
Caller ID spoofing is when a telephone’s caller ID displays a number that does not belong to the person calling. The telephone network is tricked into displaying this spoofed number as a result of flaws in caller ID technology. Caller ID spoofing can look like the call is coming from any phone number. People inherently trust
- Caller ID Spoofing Becoming Illegal
Robert Siciliano Identity Theft Expert AP reports using false caller ID with the intent of tricking people into revealing personal information or otherwise causing harm would become illegal under legislation that passed the House Wednesday. The legislation would only outlaw the use of spoofing technology when the intent is to deceive and harm the recipient of
Leave a Comment
You must be logged in to post a comment.